Abstract—This paper studies the physical consequences of a class of unobservable state-and-topology cyber-physical attacks in which both state and topology data for a sub-network of the network are changed by an attacker to mask a physical attack. The problem is formulated as a two-stage optimization problem which aims to cause overload in a line of the network with limited attack resources. It is shown that unobservable state-and-topology cyber-physical attacks as studied in this paper can make the system operation more vulnerable to line outages and failures.

Index Terms—Cyber-physical system, false data injection attack, topology, state estimation, two-stage optimization.

I. Introduction

The electric power system is a complex cyber-physical system and is monitored by an intelligent cyber layer which includes: (i) a supervisory control and data acquisition (SCADA) system; and (ii) an energy management system (EMS) that processes the SCADA data. Network topology is important system data used in various data processing modules in the EMS. Changes in topology can result from either system incidents or malicious physical attacks; but, in general, such topology alterations can be detected in the cyber layer. However, a sophisticated attacker can launch cyber attacks that alter the topology information in an unobservable manner; furthermore, they can also mask a physical attack via a cyber attack to create a more coordinated attack. Such cyber-physical attacks can result in wrong EMS solutions with potentially serious consequences. Therefore, it is instructive to fully understand such attack consequences as a first step to thwart them.

There has been much recent interest in understanding both the physical and cyber security challenges facing the electric power system. While there has been focus on the consequences of physical attacks on the system operation (e.g., [ref]), those of cyber as well as coordinated cyber-physical attacks are less understood. In this paper, we introduce a class of unobservable state-and-topology cyber-physical attacks in AC state estimation (SE) and focus on fully understanding its consequences.

A. State of Art

False data injection (FDI) attacks: In [ref], Liu et al. first introduce a class of FDI attacks on DC SE. In [ref], Hug and Giampapa focus on FDI attacks on AC SE and introduce a class of unobservable attacks that are limited to a sub-graph of the network. They demonstrate that though AC SE is vulnerable to unobservable FDI attacks, it requires the knowledge of both system topology and states to launch such attacks. More recently, Liang et al. [ref] study attack consequences by introducing a class of unobservable FDI attacks for AC SE and demonstrate that such attacks can lead to a physical generation re-dispatch and line overflow.

Topology attacks: Unobservable cyber attacks on topology can be of two types: line-maintaining and line-removing. In a line-maintaining attack, the attacker changes measurements and line status information so that a line that is not in the system appears active at the control center via SCADA data; the opposite is achieved by a line-removing attack. For both line-removing and line-maintaining attacks, an attack can either change only topology data (i.e., state-preserving topology attack) or both state and topology data (i.e., state-and-topology attack). The class of unobservable cyber topology attacks is first introduced in [ref]; however, the analysis in [ref] is restricted to a subclass of state-preserving line-removing attacks in which an attacker changes topology information of the system without changing the states.

Line-maintaining attacks: This sub-class of topology attacks requires both a physical line outage and a cyber attack to mask the physical topology alteration, and has not been studied yet in the literature. In this work, we study line-maintaining cyber-physical attacks in which both physical and cyber topology are changed by the attacker. In [ref], we consider unobservable state-preserving line-maintaining attacks (i.e., only topology data is changed), for which we develop an algorithm using breadth-first search (BFS) to find the smallest sub-network required to launch such an attack. However, changing only topology and not changing states limits the number of feasible lines amenable to attacks and also requires large load shifts at the end buses of a target line. Therefore, in this work, we determine attacks that change both state and topology.

Attack consequences: There has been much focus on the effect of attacks on operation costs [ref], [ref] and electricity markets [ref], [ref]; in contrast, as in [ref], [ref], this paper highlights physical system consequences of cyber-physical attacks. For cyber attacks whose goal is to affect electricity markets and cause physical consequences, the attacks can be modeled as two-stage optimization problems where the first stage models the attack design with constraints that capture the attacker's limitations and the second stage models the system response (see [ref], [ref], [ref]). In this paper, we also use a two-stage optimization problem to find an unobservable state-and-topology cyber-physical attack that can maximize power flow on a chosen line. Furthermore, due to the combination of physical and cyber attacks, we employ such a two-stage attack twice as detailed in the sequel.

B. Contributions 

The contributions of this paper are two-fold. First, we introduce a class of unobservable state-and-topology cyber-physical attacks in which an attacker can change both cyber state and topology data to enable a coordinated physical and cyber attack on AC SE. Such an attack consists of a physical attack to first trip a transmission line, followed by a cyber attack that masks the physical attack. The goal is to overload a chosen line (different from the tripped line) while avoiding detection by both SE and the subsequent modules.

Our attack model also captures the realistic limitation that the attacker can only access a sub-network of the entire power system, and therefore can take down a line and modify the measurements only inside the sub-network. To this end, we can solve a two-stage optimization problem to determine the attack. However, since both the physical attack and the re-dispatch resulting from the cyber attack can lead to state changes, two attack vectors are required to enable the above two state changes and ensure the unobservability of the attack. Therefore, we formulate a two-step strategy to determine the attack.

The second contribution of our work is to demonstrate the consequences of the worst cyber-physical attacks determined by the proposed attack strategy on AC SE and AC OPF. We show that the cyber-physical attacks introduced here can successfully lead to line overflows in the IEEE 24-bus system with a limited size of attack sub-network and limited load shifts.

The remainder of this paper is organized as follows. Sec. II introduces the general system model. Sec. III introduces the attack model. Sec. IV presents a two-step attack strategy to identify the worst-case overflow attack. Sec. V analyzes the numerical results for a test system. Sec. VI draws the conclusion of this paper and presents future work.

II. System Model

In this section, we introduce the mathematical formulation for the various computational units of power system operation, including system network and topology, state estimation, and optimal power flow. Throughout, we assume there are $n_b$ buses, $n_{br}$ branches, $n_g$ generators, and $n_z$ measurements in the system. In Fig. 1 we illustrate a typical temporal sequence of data processing units in the cyber layer.


A. System Network and Topology

The electric power system can be represented by a graph $\mathcal{G} = \{\mathcal{N}, \mathcal{E}\}$ where $\mathcal{N}$ and $\mathcal{E}$ are the sets of buses and lines, respectively.

At the control center, SCADA collects line status data as an $n_{br} \times 1$ vector $s$ with entries $s_k \in \{0, 1\}$ for $k \in \{1, \ldots, n_{br}\}$ that indicate the on and off status of the circuit breakers on each line. The data is then passed to a topology processor to map the real-time power system topology. Each $s$ corresponds to a specific system topology $\mathcal{G}$.

[Fig. 1: Temporal Sequence of Data Processing Units in the Cyber Layer within Attack. Legend: × physical attack, △ cyber attack.]

B. State Estimation

Consider an $n_z \times 1$ vector $z$ of nonlinear measurements (for AC SE) given as

$$z = h(x, \mathcal{G}) + e \qquad (1)$$

where $x = [\theta, V]^T$ is the system state vector, and $e$ is an $n_z \times 1$ noise vector which is independent of $x$ and is modeled as Gaussian distributed with zero mean and variance $\sigma_i^2$ for the $i$-th entry, such that the measurement error covariance matrix is given by $R = \mathrm{diag}(\{\sigma_i^2\})$. The function $h(x, \mathcal{G})$ is a vector of nonlinear functions that describes the relationship between the system states and measurements for a topology $\mathcal{G}$.

We use weighted least-squares (WLS) AC SE to calculate $\theta$ and $V$ [ref]. Subsequent to SE, the bad data detector uses the $\chi^2$ test to detect bad data, and bad data identification uses the largest normalized residual method to filter the bad data.

C. Optimal Power Flow

The OPF problem can be written as

$$\min_{x} \; C(x) \qquad (2)$$
$$\text{s.t.} \; F(x) = 0 \qquad (3)$$
$$T(x) \le 0 \qquad (4)$$

where $x = [\theta, V, P_G, Q_G]^T$ is the optimization vector with voltage angle $\theta$ and voltage magnitude $V$ that are both $n_b \times 1$ vectors, and active power generation $P_G$ and reactive power generation $Q_G$ that are both $n_g \times 1$ vectors; $C(\cdot)$ denotes the cost function of $x$; $F(\cdot)$ denotes the equality constraints (power balance constraints); $T(\cdot)$ denotes the inequality constraints (power flow limits).


III. Attack Model

The unobservable state-and-topology cyber-physical attack considered here models both a physical attack and a coordinated cyber attack.

We assume the attacker has the following capabilities:

1) Attacker has knowledge of the topology $\mathcal{G}_0$ of the entire network prior to physical attacks.

2) Attacker has the capability to launch a physical attack, and observe and change measurements only for a sub-graph $\mathcal{S}$ of $\mathcal{G}_0$. The choice of $\mathcal{S}$ is described in detail in the sequel.

3) Attacker has the capability to perform SE and compute modified measurements for $\mathcal{S}$.

4) Attacker has knowledge of the capacity and operation cost of every generator in the network.

5) Attacker has historic data of load patterns and generation dispatch of the entire network.

We assume that the power system is observable before and after the physical attack.

In this paper, we focus only on physical attacks that target transmission lines. We denote the line that is physically tripped by the attacker as the switching attack line and the two end buses of this line as the switching attack buses. Assume the switching attack line is line $t$ and the topology prior to the physical attack is $\mathcal{G}_0$. The physical line status for line $t$ changes from $s_t = 1$ to $s_t = 0$ after the physical attack and the corresponding physical topology changes to $\mathcal{G}$.

In general, a physical attack will be subsequently detected by the topology processing unit in the EMS and the system topology will be updated shortly after the detection. However, a sophisticated attacker can hide such physical attacks by launching an unobservable cyber attack. In the resulting unobservable cyber topology attack, the attacker modifies line status as well as related bus measurements to alter the system topology $\mathcal{G}$ to a different "target" topology $\tilde{\mathcal{G}} = \{\mathcal{N}, \tilde{\mathcal{E}}\}$. Since the attacker's aim is to hide the topology alteration caused by the physical attack, $\tilde{\mathcal{G}}$ should be chosen as $\mathcal{G}_0$.

To launch a state-and-topology attack, the attacker injects an $n_{br} \times 1$ line status attack vector $b$ and an $n_z \times 1$ measurement attack vector $a$. The attack vector $b$ for line status overrides the physical change on line $t$'s status by setting $b_k = 0$ for $k \neq t$ and $b_k = 1$ for $k = t$. These changes lead to a new system state $\tilde{x}$ for the system under attack. This attack modifies $(s, z)$ for topology $\mathcal{G}$ to $(\tilde{s}, \tilde{z})$ for topology $\tilde{\mathcal{G}}$ such that

$$\tilde{s} = s + b, \quad \text{and} \quad \tilde{z} = z + a. \qquad (6)$$

In the absence of noise, the measurement attack vector satisfies

$$a = h(\tilde{x}, \tilde{\mathcal{G}}) - h(x, \mathcal{G}). \qquad (7)$$

For the nonlinear measurement model and AC SE, we model a sophisticated attacker who attacks measurements and line status data for a sub-graph $\mathcal{S}$ of the network by first estimating the system states $\hat{x}$ inside $\mathcal{S}$ using AC SE. The attacker then chooses a small set of buses in $\mathcal{S}$ to change states from the estimate $\hat{x}$ to $\tilde{x} = \hat{x} + c$ such that the measurement vector $\tilde{z}$ after the cyber attack has entries

$$\tilde{z}_i = h_i(\hat{x} + c, \tilde{\mathcal{G}}), \quad i \in \mathcal{Z}_{\mathcal{S}}, \qquad (8)$$

where $\mathcal{Z}_{\mathcal{S}}$ denotes the set of measurements inside $\mathcal{S}$; measurements outside $\mathcal{S}$ are not modified.
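The residual test of Sec. II-B and the attack relation (7) above, worked through on a DC-linearized model as an added example (this is not code from the paper): with $z = Hx$, (7) becomes $a = Hc$, and the block runs a WLS estimate with the $\chi^2$ objective $J$ on clean data, on data with one gross error, and on data carrying such a structured injection. The 3-bus network, its susceptances, the noise level, and the 95% threshold for 3 degrees of freedom are constructed here; numpy is assumed to be available.

```python
"""DC-linearized WLS state estimation with the chi-square residual test.

Added example, not code from the paper. The measurement model is linearized
(DC power flow, z = H x), so the attack relation a = h(x~, G~) - h(x, G) of (7)
reduces to a = H c. The network, state and noise level are constructed.
"""
import numpy as np

# Constructed 3-bus DC network: bus 0 is the angle reference (theta_0 = 0),
# so the state vector is x = [theta_1, theta_2]. Susceptances in p.u.
B01, B02, B12 = 10.0, 5.0, 8.0

# Measurement matrix H (n_z x 2): rows are flow 0->1, flow 0->2, flow 1->2,
# injection at bus 1, injection at bus 2. Flow i->j = b_ij (theta_i - theta_j).
H = np.array([
    [-B01, 0.0],            # flow 0->1 = B01 (0 - theta_1)
    [0.0, -B02],            # flow 0->2
    [B12, -B12],            # flow 1->2
    [B01 + B12, -B12],      # injection at bus 1 = flow 1->0 + flow 1->2
    [-B12, B02 + B12],      # injection at bus 2
])
SIGMA = 0.01                                  # measurement std-dev (constructed)
W = np.eye(H.shape[0]) / SIGMA**2             # weights = R^-1
CHI2_THRESHOLD = 7.815                        # chi-square, 95%, dof = n_z - n_states = 3


def wls_estimate(H, W, z):
    """Weighted least squares: x_hat = (H'WH)^-1 H'W z, and the objective J = r'Wr."""
    gain = H.T @ W @ H
    x_hat = np.linalg.solve(gain, H.T @ W @ z)
    r = z - H @ x_hat
    return x_hat, float(r @ W @ r)


def bad_data_flagged(J, threshold=CHI2_THRESHOLD):
    """The chi-square detector of Sec. II-B: flag if J exceeds the threshold."""
    return J > threshold


def structured_injection(H, c):
    """DC form of (7): a = h(x + c) - h(x) = H c, consistent with the model."""
    return H @ c


def run_demo():
    x_true = np.array([-0.05, -0.08])
    z = H @ x_true                               # noise-free measurements
    # Case 1: clean data -> J ~ 0
    _, J_clean = wls_estimate(H, W, z)
    # Case 2: a single gross error of 0.5 p.u. on the flow 1->2 measurement
    z_gross = z.copy()
    z_gross[2] += 0.5
    _, J_gross = wls_estimate(H, W, z_gross)
    # Case 3: structured injection a = H c (state change c on bus 1 only)
    c = np.array([0.02, 0.0])
    x_att, J_att = wls_estimate(H, W, z + structured_injection(H, c))
    return {
        "clean_flagged": bad_data_flagged(J_clean),
        "gross_flagged": bad_data_flagged(J_gross),
        "structured_flagged": bad_data_flagged(J_att),
        "structured_estimate": [float(v) for v in x_att],
        "expected_estimate": [float(v) for v in x_true + c],
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(key, value)
```

The gross error leaves a residual the projection cannot absorb (its leverage is only about 0.2), so $J$ is in the thousands against a threshold of 7.8; the structured injection shifts the estimate to exactly $x + c$ and leaves $J$ unchanged, which is why the text later relies on quantities the estimator does not fit, such as the known zero injection at non-load buses.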

We use the following method to identify the sub-graph $\mathcal{S}$ for an unobservable state-and-topology attack. Throughout, we distinguish two types of buses: load buses with presence of load and non-load buses with no load.

1) Use the optimization problem (the details are in the sequel) to determine the load buses from the attack vector $c$ whose states need to be changed (defined as center buses) to enable the attack.

2) Include all center buses in $\mathcal{S}$.

3) Extend $\mathcal{S}$ by including all buses and branches connected to the buses inside $\mathcal{S}$.

4) If there are non-load buses on the boundary of $\mathcal{S}$, extend $\mathcal{S}$ by including all adjacent buses of the non-load boundary buses and the corresponding branches.

5) Repeat 4) until all boundary buses of $\mathcal{S}$ are load buses.

6) Check if there is a path (actual bus and branch connection) in $\mathcal{S}$ that can connect the two switching attack buses. If such a path exists, then $\mathcal{S}$ is the attack sub-graph. If there is no such path, go to Step 7).

7) Use the BFS method to find the shortest path connecting the two switching attack buses. Include the shortest path in $\mathcal{S}$. Then this $\mathcal{S}$ is the attack sub-graph.

Steps 1)–5) ensure the boundary buses of $\mathcal{S}$ are load buses with states unchanged. For a non-load bus in $\mathcal{S}$, since the injections of non-load buses are known to the control center, the attacker should ensure that under an attack, the net injection is equal to the net flow into the bus. Thus, the state changes for non-load buses are dependent on those for the neighboring load buses. Furthermore, the state of a boundary bus $j$ is computed using both measurements inside and outside $\mathcal{S}$. From (8), if a measurement $i$ for $i \notin \mathcal{Z}_{\mathcal{S}}$ is dependent on the $j$-th state, then the corresponding $j$-th entry of the attack vector should satisfy $c_j = 0$ to ensure that the attack is unobservable. Thus, a boundary bus cannot have a state change, and therefore cannot be a non-load bus.

Steps 6) and 7) ensure that the states of the switching attack buses can be estimated with measurements inside $\mathcal{S}$. To maintain the switching attack line as active in the cyber layer, the attacker needs to modify the line status as well as the power flow measurements on the switching attack line and the power injection measurements on the switching attack buses. This, in turn, requires the attacker to estimate the states of the switching attack buses to create the false measurements. However, since this line is physically disconnected, the attacker needs to use an algorithm such as BFS to determine an alternate shortest path connecting the two switching attack buses, and thereby estimate the states and changed measurements. In general, a state change is required for at least one of the switching attack buses. This bus, thereby, will be included in $\mathcal{S}$. However, $\mathcal{S}$ may not include the entire physical path. Thus, the attacker needs Steps 6) and 7) to complete the path.
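Steps 1)–7) above as one complete procedure, written out as an added example (not the paper's code). Step 1's optimization is replaced by a given center-bus set; the 11-bus network, its load/non-load labelling and the tripped line are constructed for illustration, and the graph used for the path checks is $\mathcal{G}_0$ minus the switching attack line, since that is the physical network after the trip.

```python
"""Attack sub-graph identification of Sec. III (Steps 2-7), as an added example.

Not the paper's code. Step 1 (the optimization yielding the center buses) is
replaced by a given set. The test network, load labelling and tripped line are
constructed for illustration.
"""
from collections import deque


def build_adjacency(lines, removed=None):
    """Undirected adjacency (bus -> set of neighbours); `removed` drops one line."""
    adj = {}
    for u, v in lines:
        if removed is not None and {u, v} == set(removed):
            continue
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)
    return adj


def bfs_shortest_path(adj, src, dst):
    """Step 7: BFS shortest path from src to dst; None if disconnected."""
    parent = {src: None}
    queue = deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            path = [dst]
            while parent[path[-1]] is not None:
                path.append(parent[path[-1]])
            return path[::-1]
        for v in sorted(adj.get(u, ())):        # sorted for deterministic paths
            if v not in parent:
                parent[v] = u
                queue.append(v)
    return None


def boundary_buses(adj, S):
    """Buses of S that have at least one neighbour outside S."""
    return {u for u in S if adj.get(u, set()) - S}


def identify_attack_subgraph(lines_g0, load_buses, center_buses, switching_line):
    """Steps 2-7. `lines_g0` is the pre-attack topology G0; the physical graph after
    the trip is G0 minus `switching_line`, and the path checks use that graph."""
    adj = build_adjacency(lines_g0, removed=switching_line)
    S = set(center_buses)                                    # Step 2
    for u in list(S):                                        # Step 3
        S |= adj.get(u, set())
    while True:                                              # Steps 4-5
        nonload_boundary = boundary_buses(adj, S) - set(load_buses)
        if not nonload_boundary:
            break
        for u in nonload_boundary:
            S |= adj[u]
    a, b = switching_line                                    # Step 6
    sub_adj = {u: adj.get(u, set()) & S for u in S}
    if a not in S or b not in S or bfs_shortest_path(sub_adj, a, b) is None:
        path = bfs_shortest_path(adj, a, b)                  # Step 7
        if path is None:
            raise ValueError("switching attack buses are disconnected after the trip")
        S |= set(path)
    # Branches of S: every line of G0 with both ends inside S. The switching line
    # itself is kept: its status and flow measurements are what the cyber layer
    # must still see as consistent.
    branches = {tuple(sorted(line)) for line in lines_g0
                if line[0] in S and line[1] in S}
    return S, branches


# Constructed 11-bus example network (not from the paper).
LINES = [(1, 2), (2, 3), (3, 4), (4, 5), (5, 6), (6, 1), (2, 7), (7, 8), (8, 5),
         (3, 9), (6, 10), (10, 11)]
LOAD_BUSES = {1, 3, 4, 6, 8, 9, 10, 11}          # buses 2, 5, 7 carry no load
CENTER_BUSES = {3}                                # assumed output of Step 1
SWITCHING_LINE = (3, 4)

if __name__ == "__main__":
    S, branches = identify_attack_subgraph(LINES, LOAD_BUSES, CENTER_BUSES, SWITCHING_LINE)
    print("attack sub-graph buses:", sorted(S))
    print("branches:", sorted(branches))
```

On this network the non-load boundary buses 2 and then 7 pull in buses 1, 7, 8 before every boundary bus is a load bus; bus 4 is still unreachable inside $\mathcal{S}$, so Step 7 adds the physical path 3-2-1-6-5-4 and $\mathcal{S}$ ends up with nine of the eleven buses.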

IV. Attack Strategy

In this section, we study the worst-case cyber-physical attacks. We assume the attacks can: (a) physically trip a switching attack line and mask the physical attack with a cyber attack; (b) maximize power flow on a target line; and (c) avoid detectability by limiting the load shift via changes in measurements. The attack resources available to the attacker may also be limited. We model this limitation by constraining the size of the sub-network the attacker has access to. This leads to a constrained optimization problem. As noted before, two attack vectors are needed for the physical and cyber parts of the attack, and each optimization problem is described below. Our two-step optimization problem captures the temporal nature of the attack sequence involving a physical attack followed by several cyber attacks.

In Fig. 2 we illustrate this temporal sequence of attack and system events. The system events are periodic and are denoted by $S_t$ for the $t$-th event. At the start of each $S_t$, data is collected from SCADA, and by the end of $S_t$, i.e., the start of $S_{t+1}$, the data is processed in the EMS. There are two attack instances, $A_0$ and $A_1$, denoting the physical and cyber attack events, respectively. We assume the physical attack event $A_0$ is launched immediately after the start of the $0$-th system event, i.e., $S_0$, and the coordinated cyber attack event $A_1$ is launched shortly after, but before the start of the next system event $S_1$. Following this cyber-physical attack pair $(A_0, A_1)$, the cyber attack is sustained between every two system events to maintain the worst generation dispatch, and thereby sustain the maximal power flow on the target line. In Table I we show how the cyber (measured) and physical (actual) data, including generation dispatch, system state, topology, and loads, vary at all system and attack events.

[Fig. 2: Time sequence of attack and system events $S_0, A_0, A_1, S_1, A_2, S_2, A_3, \ldots, S_T, A_{T+1}$. Legend: × physical attack $A_0$, △ cyber attacks $A_1, A_2, \ldots$.]

TABLE I
Physical and cyber data for attack and system events.

Event               | $S_0$                 | $A_0$                 | $A_1$                                  | $S_1$                 | $A_2$                 | $S_2$                 | $A_3$                 | ... | $S_T$                 | $A_{T+1}$
--------------------+-----------------------+-----------------------+----------------------------------------+-----------------------+-----------------------+-----------------------+-----------------------+-----+-----------------------+----------------------
Generation dispatch | $P_G^0$               | $P_G^0$               | $P_G^0$                                | $P_G^*$               | $P_G^*$               | $P_G^*$               | $P_G^*$               | ... | $P_G^*$               | $P_G^*$
Physical topology   | $\mathcal{G}_0$       | $\mathcal{G}$         | $\mathcal{G}$                          | $\mathcal{G}$         | $\mathcal{G}$         | $\mathcal{G}$         | $\mathcal{G}$         | ... | $\mathcal{G}$         | $\mathcal{G}$
Cyber topology      | $\mathcal{G}_0$       | $\mathcal{G}_0$       | $\tilde{\mathcal{G}} (= \mathcal{G}_0)$ | $\tilde{\mathcal{G}}$ | $\tilde{\mathcal{G}}$ | $\tilde{\mathcal{G}}$ | $\tilde{\mathcal{G}}$ | ... | $\tilde{\mathcal{G}}$ | $\tilde{\mathcal{G}}$
Physical state      | $\theta_0$            | $\tilde{\theta}_0$    | $\tilde{\theta}_0$                     | $\theta^*$            | $\theta^*$            | $\theta^*$            | $\theta^*$            | ... | $\theta^*$            | $\theta^*$
Cyber state         | $\theta_0$            | $\theta_0$            | $\tilde{\theta}_0 + c^0$               | $\theta^* + c$        | $\theta^* + c$        | $\theta^* + c$        | $\theta^* + c$        | ... | $\theta^* + c$        | $\theta^* + c$
Physical load       | $P_D$                 | $P_D$                 | $P_D$                                  | $P_D$                 | $P_D$                 | $P_D$                 | $P_D$                 | ... | $P_D$                 | $P_D$
Cyber load          | $P_D$                 | $P_D$                 | $\tilde{P}_D$                          | $\tilde{P}_D$         | $\tilde{P}_D$         | $\tilde{P}_D$         | $\tilde{P}_D$         | ... | $\tilde{P}_D$         | $\tilde{P}_D$


Assume the system topology and the generation at $S_0$ are $\mathcal{G}_0$ and $P_G^0$, respectively. From Table I we can see that the system physical topology changes to $\mathcal{G}$ after the physical attack. The physical operation states thereby change to $\tilde{\theta}_0$. The attacker then injects the cyber attack vector $c^0$ to change the load pattern from the physical load $P_D$ to the false cyber load $\tilde{P}_D$ to mask the physical topology alteration. The physical and cyber loads at attack event $A_1$ satisfy the following relationships, respectively:

$$P_D = A_{GN} P_G^0 - H_1 \tilde{\theta}_0, \quad \text{and} \quad \tilde{P}_D = A_{GN} P_G^0 - \tilde{H}_1 (\tilde{\theta}_0 + c^0) \qquad (9)$$

where $A_{GN}$ is the $n_b \times n_g$ generator-to-bus connectivity matrix; $H_1$ and $\tilde{H}_1$ are $n_b \times n_b$ dependency matrices between power injection and voltage angle for $\mathcal{G}$ and $\tilde{\mathcal{G}}$, respectively. Subtracting the two equations in (9), the cyber loads are related to the physical loads as

$$\tilde{P}_D = P_D + H_1 \tilde{\theta}_0 - \tilde{H}_1 (\tilde{\theta}_0 + c^0). \qquad (10)$$

The false cyber load $\tilde{P}_D$ and topology $\tilde{\mathcal{G}}$ lead to a system re-dispatch to the optimal generation dispatch $P_G^*$ at $S_1$. Since the attacker's optimization problem at each step models the system response, such an optimal dispatch will cause maximal power flow on the target line. Following this first cyber attack $A_1$, since the generation dispatch changes at $S_1$, the physical system states also change to $\theta^*$. To sustain both the optimal dispatch $P_G^*$ and the false cyber topology $\tilde{\mathcal{G}}$ at the next system event, i.e., $S_2$, the attacker needs to maintain the false cyber load $\tilde{P}_D$ by injecting another attack vector $c$ at $A_2$. Thus, the nodal power balance at attack event $A_2$ in the cyber layer is:

$$A_{GN} P_G^* - \tilde{H}_1 (\theta^* + c) = P_D + H_1 \tilde{\theta}_0 - \tilde{H}_1 (\tilde{\theta}_0 + c^0), \qquad (11)$$

where the right-hand side terms represent the cyber load modified at $A_1$. In the following attack events, i.e., $A_t$, $t = 3, \ldots, T$, the attacker can keep injecting $c$ to maintain the false cyber load $\tilde{P}_D$. This in turn ensures that the optimal dispatch and the false cyber topology are maintained at $P_G^*$ and $\tilde{\mathcal{G}}$, respectively, and the maximal power flow on the target line is sustained.
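The load relationships (9) and (10), evaluated on a constructed 4-bus DC model as an added example (not the paper's code). It builds $H_1$ for the post-trip physical topology and $\tilde{H}_1$ for the cyber topology $\tilde{\mathcal{G}} = \mathcal{G}_0$, solves the post-trip DC power flow for $\tilde{\theta}_0$, and checks the cyber load from the second equation of (9) against (10). It then reports where the load shift $\tilde{P}_D - P_D$ lands: with $c^0 = 0$ the shift is confined to the two end buses of the tripped line (the phantom flow the cyber topology still claims), and a state change at a load bus spreads part of it onto a neighbouring non-load bus, which the control center knows to carry no load, the dependency noted in Sec. III. Network data, dispatch, loads and the $c^0$ vectors are all constructed; numpy is assumed to be available.

```python
"""DC load-shift arithmetic behind (9)-(10), as an added example.

Not the paper's code. Bus 0 is the reference and the only non-load bus; the
network, dispatch, loads and attack vectors are constructed for illustration.
"""
import numpy as np

# Constructed 4-bus network: (from, to, susceptance in p.u.)
LINES_G0 = [(0, 1, 10.0), (0, 2, 5.0), (1, 2, 8.0), (1, 3, 4.0), (2, 3, 6.0)]
NB = 4
SLACK = 0
A_GN = np.array([[1.0, 0.0], [0.0, 0.0], [0.0, 0.0], [0.0, 1.0]])  # generators at 0, 3
P_G0 = np.array([1.5, 1.0])
P_D = np.array([0.0, 1.0, 0.8, 0.7])               # bus 0 carries no load
LOAD_BUSES = [1, 2, 3]


def injection_matrix(lines, nb, tripped=None):
    """H_1 of the paper: P = H_1 theta with H_1 the DC B-bus matrix of `lines`,
    optionally with one line index removed (the switching attack line)."""
    H = np.zeros((nb, nb))
    for idx, (i, j, b) in enumerate(lines):
        if idx == tripped:
            continue
        H[i, i] += b
        H[j, j] += b
        H[i, j] -= b
        H[j, i] -= b
    return H


def dc_power_flow(H, p_inj, slack=SLACK):
    """Solve H theta = p_inj with theta[slack] = 0 (reduced system)."""
    keep = [k for k in range(H.shape[0]) if k != slack]
    theta = np.zeros(H.shape[0])
    theta[keep] = np.linalg.solve(H[np.ix_(keep, keep)], p_inj[keep])
    return theta


def cyber_load(H_cyber, theta_phys, c0, p_gen=P_G0):
    """Second equation of (9): P~_D = A_GN P_G^0 - H~_1 (theta~_0 + c^0)."""
    return A_GN @ p_gen - H_cyber @ (theta_phys + c0)


def cyber_load_via_10(H_phys, H_cyber, theta_phys, c0, p_d=P_D):
    """Equation (10): P~_D = P_D + H_1 theta~_0 - H~_1 (theta~_0 + c^0)."""
    return p_d + H_phys @ theta_phys - H_cyber @ (theta_phys + c0)


def masking_report(tripped_idx, c0):
    """Load shift P~_D - P_D per bus for a trip of line `tripped_idx` masked with
    c0, plus the non-load buses on which the shift lands (the control center
    knows those buses have zero load, so a shift there is visible)."""
    H_cyber = injection_matrix(LINES_G0, NB)                      # G~ = G_0
    H_phys = injection_matrix(LINES_G0, NB, tripped=tripped_idx)  # G after the trip
    theta_phys = dc_power_flow(H_phys, A_GN @ P_G0 - P_D)        # theta~_0
    ptilde = cyber_load(H_cyber, theta_phys, c0)
    assert np.allclose(ptilde, cyber_load_via_10(H_phys, H_cyber, theta_phys, c0))
    shift = ptilde - P_D
    nonload_hit = [k for k in range(NB) if k not in LOAD_BUSES and abs(shift[k]) > 1e-9]
    return {"shift": [float(v) for v in shift], "nonload_hit": nonload_hit,
            "theta": [float(v) for v in theta_phys]}


if __name__ == "__main__":
    # State-preserving mask (c^0 = 0): the phantom flow of tripped line 1-3 shows
    # up entirely as a load shift at its two end buses.
    print(masking_report(tripped_idx=3, c0=np.zeros(NB)))
    # Moving the state of load bus 1 pushes part of the shift onto bus 0, a non-load bus.
    print(masking_report(tripped_idx=3, c0=np.array([0.0, 0.02, 0.0, 0.0])))
```

With $c^0 = 0$ the post-trip angles give $\tilde{\theta}_1 - \tilde{\theta}_3 = -0.05$, so the cyber model still claims 0.2 p.u. on line 1-3 and the shift is $\pm 0.2$ at buses 1 and 3 only, which is the large end-bus load shift the Introduction attributes to state-preserving attacks; the second call shows the extra shift of $b_{01} c^0_1 = 0.2$ landing on bus 0.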

To model the cyber-physical attack events $A_0$, $A_1$, and $A_2$ between $S_0$ and $S_1$, the optimization problem should capture the power balance relationship shown in (11). However, since the switching attack line is determined by the optimization problem, both $H_1$ and $\tilde{\theta}_0$ are unknown before solving the problem. On the other hand, for the pure cyber attack events $A_2$ and $A_3$, the power balance in the cyber layer is

$$A_{GN} P_G^* - \tilde{H}_1 (\theta^* + c) = P_D + H_1 \theta^* - \tilde{H}_1 (\theta^* + c). \qquad (12)$$

This is equivalent to the physical power balance

$$A_{GN} P_G^* - H_1 \theta^* = P_D. \qquad (13)$$

Therefore, instead of directly modeling the cyber-physical attack events $A_0$, $A_1$, and $A_2$ between $S_0$ and $S_1$, we can model the pure cyber attack events $A_2$ and $A_3$ between $S_1$ and $S_2$ to determine the attack vector $c$ in the first step. Such a $c$ should be subject to bounds on both the attacker's sub-graph size and the load shifts. However, since the new topology $H_1$ is still not known prior to the optimization, we replace $H_1$ using the following equations:

$$H_1 \theta^* = A_{KN} P_K \qquad (14)$$
$$P_K = \mathrm{diag}(s) \cdot H_2 \theta^* \qquad (15)$$

where $A_{KN}$ is the $n_b \times n_{br}$ branch-to-bus connectivity matrix, $H_2$ is the $n_{br} \times n_b$ dependency matrix between power flow and voltage angle for $\tilde{\mathcal{G}}$, $s$ is the line status vector, $\mathrm{diag}(s)$ represents the diagonal matrix of $s$, and $P_K$ is the $n_{br} \times 1$ power flow vector. In (14), the sum of physical power flows on the set of branches connected to a bus is used to calculate the physical power injection at the bus. In (15), the physical power flow vector is represented by the diagonal matrix of the line status vector $s$ multiplied by the cyber power flow vector, i.e., $H_2 \theta^*$. That is, if a line $t$ is selected as the switching attack line, the power flow $P_{K,t}$ on line $t$ is forced to be $0$; otherwise, $P_{K,t} = H_2(t,:)\,\theta^*$, where $H_2(t,:)$ represents the $t$-th row of $H_2$. With these modifications, we can then model the system and cyber attack events from $A_2$ through $S_2$ to $A_3$ with a two-stage optimization problem, and hence the switching attack line can also be determined as the solution of the optimization problem. After the switching attack line and the cyber attack vector $c$ are both determined, the attack sub-graph $\mathcal{S}$ can be identified with the process stated in Section III. The details of this problem are described in Subsection IV-A.

In the second step, we focus on the attack vector $c^0$ at $A_1$. We again use a two-stage optimization problem to determine the $c^0$ such that the optimal generation dispatch for this problem is forced to be the same as that in Step 1. We henceforth define the attack vector solved in the second step as the initial attack vector. The details of the second step are introduced in Subsection IV-B.

The attack vectors $c$ and $c^0$ are both DC attack vectors that can be detected by AC SE. Thus, to ensure the unobservability of the attacks, the attacker should construct two AC attacks with $c$ and $c^0$. This procedure is introduced in Subsection IV-C.


A. Step 1: Maximize Power Flow on a Line

In Step 1, we introduce a two-stage optimization problem to determine the attack vector $c$ and the switching attack lines such that the target line $l$ in the attacker's sub-graph $\mathcal{S}$ has maximal power flow subject to specific constraints as explained in the sequel. The two-stage optimization is given as

$$\max_{s,\,c} \; P_{K,l} - \zeta \|c_{\mathcal{L}}\|_0 \qquad (16)$$
$$\text{s.t.} \; \sum_{k=1}^{n_{br}} (1 - s_k) = N_T, \quad s_k \in \{0, 1\} \qquad (17)$$
$$\|c_{\mathcal{L}}\|_0 \le N_0 \qquad (18)$$
$$-\tau P_D \le \tilde{H}_1 (\theta^* + c) - A_{KN} P_K \le \tau P_D \qquad (19)$$
$$\{\theta^*, P_G^*\} = \arg\min_{\theta,\,P_G} \sum_{g} C_g (P_{G,g}) \qquad (20)$$
$$\text{s.t.} \; A_{GN} P_G - A_{KN} P_K = P_D \quad (\lambda) \qquad (21)$$
$$P_K = \mathrm{diag}(s) \cdot H_2 \theta \qquad (22)$$
$$-P_K^{\max} \le H_2 (\theta + c) \le P_K^{\max} \quad (\mu^-, \mu^+) \qquad (23)$$
$$P_G^{\min} \le P_G \le P_G^{\max} \quad (\alpha^-, \alpha^+) \qquad (24)$$

where $C_g(\cdot)$ is the cost function for generator $g$; $P_G$ is the $n_g \times 1$ active power generation vector with maximum and minimum limits $P_G^{\max}$ and $P_G^{\min}$, respectively; $P_K$ is the $n_{br} \times 1$ physical power flow vector with thermal limit $P_K^{\max}$; $\lambda$ is the $n_b \times 1$ dual variable vector of constraint (21); $\mu^{\pm}$ are $n_{br} \times 1$ dual variable vectors of constraint (23); $\alpha^{\pm}$ are $n_g \times 1$ dual variable vectors of constraint (24); $\tilde{H}_1$ is the $n_b \times n_b$ dependency matrix between power injection and voltage angle for $\tilde{\mathcal{G}}$; $H_2$ is the $n_{br} \times n_b$ dependency matrix between power flow and voltage angle for $\tilde{\mathcal{G}}$; $P_D$ is the $n_b \times 1$ physical load vector, which has maximum load shift percentage $\tau$; $\zeta$ is the weight of the norm of the attack vector $c$; $\mathcal{L}$ represents the set of load buses; $N_0$ is the maximum number of load buses that can be attacked; $N_T$ is the maximum number of switching attack lines.

The goal of the attack in (16) is a multi-objective problem which includes maximizing the power flow on the target line $l$ to create an overflow, while minimizing the $\ell_0$-norm of the attack vector, i.e., minimizing the attack sub-graph size. The power flow on $l$ is maximized along the direction of the power flow prior to the attack. In the first stage, constraints (17)–(19) model the following attacker limitations: (i) only up to $N_T$ switching attack lines can be physically tripped; (ii) only up to $N_0$ load-bus states can be altered; and (iii) cyber load shifts are limited to at most $\tau P_D$, respectively. The second-stage optimization represents the DC OPF, whose aim is to minimize operation cost in (20), subject to the power balance constraints in (21) and (22), the thermal limit constraint in (23), and the generation limit constraint in (24).

This two-stage optimization problem is nonlinear and non-convex. For tractability, we modify several constraints.

Constraint (22) is a nonlinear constraint which includes the product of the binary variable $s$ and the continuous variable $\theta$. It can be replaced by a linear form as follows:

$$-P_K + H_2 \theta^* \le M_1 (1 - s) \quad (\beta^-)$$
$$P_K - H_2 \theta^* \le M_1 (1 - s) \quad (\beta^+)$$
$$-P_K \le M_1 s \quad (\gamma^-)$$
$$P_K \le M_1 s \quad (\gamma^+) \qquad (25)$$

where $\beta^{\pm}$ and $\gamma^{\pm}$ are $n_{br} \times 1$ dual variable vectors for the corresponding constraints and $M_1$ is a large number.

Constraint (18) is an $\ell_0$-norm constraint on the attack vector, which is nonlinear and non-convex. It can be relaxed to a corresponding $\ell_1$-norm constraint as:

$$\|c_{\mathcal{L}}\|_1 = \sum_{n \in \mathcal{L}} |c_n| \le N_0. \qquad (26)$$

However, constraint (26) is still nonlinear. We thus linearize it as follows:

$$-u_n \le c_n \le u_n, \quad \sum_{n \in \mathcal{L}} u_n \le N_0 \qquad (27)$$

where $u$ is the $n_{load} \times 1$ non-negative slack variable vector.

Once the attack vector determined by $s$ and $c$ is given in the first-stage optimization problem, the second-stage DCOPF problem (20)–(24) and (25) is then convex. The second-stage optimization problem can then be replaced by its Karush-Kuhn-Tucker (KKT) optimality conditions as follows:

$$\nabla \Big( \sum_g C_g(P_{G,g}^*) \Big) + \lambda^T \cdot \nabla \big( A_{GN} P_G^* - A_{KN} P_K^* - P_D \big) + [\mu^-; \mu^+]^T \cdot \nabla \Big( \begin{bmatrix} -H_2(\theta^* + c) \\ H_2(\theta^* + c) \end{bmatrix} - \begin{bmatrix} P_K^{\max} \\ P_K^{\max} \end{bmatrix} \Big) + [\alpha^-; \alpha^+]^T \cdot \nabla \Big( \begin{bmatrix} -P_G^* \\ P_G^* \end{bmatrix} - \begin{bmatrix} -P_G^{\min} \\ P_G^{\max} \end{bmatrix} \Big) + [\beta^-; \beta^+]^T \cdot \nabla \Big( \begin{bmatrix} -P_K^* \\ P_K^* \end{bmatrix} + \begin{bmatrix} H_2 \theta^* \\ -H_2 \theta^* \end{bmatrix} - M_1 \begin{bmatrix} 1 - s \\ 1 - s \end{bmatrix} \Big) + [\gamma^-; \gamma^+]^T \cdot \nabla \Big( \begin{bmatrix} -P_K^* \\ P_K^* \end{bmatrix} - M_1 \begin{bmatrix} s \\ s \end{bmatrix} \Big) = 0 \qquad (28)$$

$$\mathrm{diag}([\mu^-; \mu^+]) \cdot \Big( \begin{bmatrix} -H_2(\theta^* + c) \\ H_2(\theta^* + c) \end{bmatrix} - \begin{bmatrix} P_K^{\max} \\ P_K^{\max} \end{bmatrix} \Big) = 0 \qquad (29)$$

$$\mathrm{diag}([\alpha^-; \alpha^+]) \cdot \Big( \begin{bmatrix} -P_G^* \\ P_G^* \end{bmatrix} - \begin{bmatrix} -P_G^{\min} \\ P_G^{\max} \end{bmatrix} \Big) = 0 \qquad (30)$$

$$\mathrm{diag}([\beta^-; \beta^+]) \cdot \Big( \begin{bmatrix} -P_K^* \\ P_K^* \end{bmatrix} + \begin{bmatrix} H_2 \theta^* \\ -H_2 \theta^* \end{bmatrix} - M_1 \begin{bmatrix} 1 - s \\ 1 - s \end{bmatrix} \Big) = 0 \qquad (31)$$

$$\mathrm{diag}([\gamma^-; \gamma^+]) \cdot \Big( \begin{bmatrix} -P_K^* \\ P_K^* \end{bmatrix} - M_1 \begin{bmatrix} s \\ s \end{bmatrix} \Big) = 0 \qquad (32)$$

$$[\mu^-; \mu^+; \alpha^-; \alpha^+; \beta^-; \beta^+; \gamma^-; \gamma^+] \ge 0 \qquad (33)$$

where constraint (28) is the partial gradient optimality condition, (29)–(32) are the complementary slackness constraints, (21)–(24) and (25) are the primal feasibility constraints, and (33) represents the dual feasibility constraints.

In particular, the complementary slackness constraints (29)–(32) are nonlinear since they include products of continuous variables. We then linearize them by introducing new binary variables $\delta_{\mu^\pm}$, $\delta_{\alpha^\pm}$, $\delta_{\beta^\pm}$, and $\delta_{\gamma^\pm}$. For instance, constraint (29) can be rewritten as

$$\mu^- \le M \delta_{\mu^-}, \quad H_2(\theta^* + c) + P_K^{\max} \le M (1 - \delta_{\mu^-})$$
$$\mu^+ \le M \delta_{\mu^+}, \quad -H_2(\theta^* + c) + P_K^{\max} \le M (1 - \delta_{\mu^+}) \qquad (34)$$

where $M$ is a large positive number. Constraints (30)–(32) can be linearized using the same method. In particular, for the linearized forms of constraints (31) and (32), $M_1$ and $M$ are different values and $M_1 \neq M$.

Using the approximate relaxation for the various constraints as detailed above, we obtain the following equivalent single-stage mixed-integer linear problem with the objective

$$\max \; P_{K,l} - \zeta \sum_{n \in \mathcal{L}} u_n \qquad (35)$$

subject to the first-stage constraints (17), (19) and (27), the primal feasibility constraints (21) and (23)–(25), the optimality condition (28), the linearized complementary slackness constraint (34), and the linearized forms of constraints (30)–(32). Note that since no real-time data is required in the above optimization problem, the attacker can solve this step offline to determine the switching attack line to trip and the attack vector $c$.


B. Step 2: Determine Initial Attack Vector

In this step, we determine the attack vector at event $A_1$. As stated earlier, $c^0$, the attack vector at $A_1$, is chosen to ensure that the resulting load shifts lead to the optimal dispatch solved in Step 1, i.e., $P_G^*$. To this end, we use a two-stage optimization problem similar to Step 1 to determine $c^0$. Note that since the switching attack line and attack sub-graph are both determined in Step 1, the dependency matrix between power injection and voltage angle, i.e., $H_1$ for the physical topology $\mathcal{G}$ at $A_1$, is known to the attacker, and the cyber loads are given by (10). As stated in Section III, the attacker only has access to the measurements inside $\mathcal{S}$. Thus, the attacker cannot directly obtain the whole-system physical states $\tilde{\theta}_0$. However, letting $\mathcal{B}_{\mathcal{S}}$ and $\mathcal{B}_{NS}$ represent the sets of buses inside and outside $\mathcal{S}$, respectively, the vector of cyber loads resulting from an unobservable attack satisfies the following relationship:

$$\tilde{P}_D = \begin{bmatrix} P_D^{\mathcal{S}} + H_1^{\mathcal{S}} \tilde{\theta}_0^{\mathcal{S}} - \tilde{H}_1^{\mathcal{S}} (\tilde{\theta}_0^{\mathcal{S}} + c^0) \\ P_D^{NS} \end{bmatrix} \qquad (36)$$

where $P_D^{\mathcal{S}}$ is the vector of physical loads for all buses inside $\mathcal{S}$, $P_D^{NS}$ is that for all buses outside $\mathcal{S}$, and $H_1^{\mathcal{S}}$ and $\tilde{H}_1^{\mathcal{S}}$ represent the sub-matrices of $H_1$ and $\tilde{H}_1$ for the set of buses inside $\mathcal{S}$, respectively. For the physical system states $\tilde{\theta}_0^{\mathcal{S}}$, the attacker uses the estimated states to compute (36).

The two-stage optimization can be written as follows:

$$\min_{c^0} \; \|c^0_{\mathcal{L}}\|_0 \qquad (37)$$
$$\text{s.t.} \; -\tau P_D^{\mathcal{S}} \le \tilde{H}_1^{\mathcal{S}} (\tilde{\theta}_0^{\mathcal{S}} + c^0) - H_1^{\mathcal{S}} \tilde{\theta}_0^{\mathcal{S}} \le \tau P_D^{\mathcal{S}} \qquad (38)$$
$$\|c^0_{\mathcal{L}}\|_0 \le N_0 \qquad (39)$$
$$\{\theta^*, P_G^*\} = \arg\min_{\theta,\,P_G} \sum_{g=1}^{n_g} C_g (P_{G,g}) \qquad (40)$$
$$\text{s.t.} \; A_{GN} P_G - \tilde{H}_1 \theta = \begin{bmatrix} P_D^{\mathcal{S}} + H_1^{\mathcal{S}} \tilde{\theta}_0^{\mathcal{S}} - \tilde{H}_1^{\mathcal{S}} (\tilde{\theta}_0^{\mathcal{S}} + c^0) \\ P_D^{NS} \end{bmatrix} \quad (\lambda) \qquad (41)$$
$$-P_K^{\max} \le H_2 \theta \le P_K^{\max} \qquad (42)$$
$$P_G = P_{G1}^* \quad (\alpha) \qquad (43)$$

where $P_{G1}^*$ is the $n_g \times 1$ optimal generation vector solved in Step 1; $\alpha$ is the $n_g \times 1$ dual variable vector of constraint (43). The objective (37) is to minimize the $\ell_0$-norm of the attack vector. Constraint (38) represents the load shift limitation. Constraints (40)–(43) represent the second-stage DCOPF problem, which guarantees that the attack vector selected in the first stage leads to the optimal dispatch $P_{G1}^*$. The $\ell_0$-norm constraint can be relaxed to a linearized $\ell_1$-norm constraint as in (26)–(27). The objective can then be represented as $\sum_{n \in \mathcal{L}} u_n$. This problem can then be converted to a single-stage optimization problem using methods similar to those detailed in Step 1.


C. Implementation

The method to construct an unobservable AC attack with a DC attack vector has been introduced in [ref] for FDI attacks without topology alteration. In this paper, we focus on constructing AC unobservable cyber-physical attacks. The procedure is as follows:

1) Solve the Step 1 optimization offline to obtain the switching attack line $t$ and the attack vector $c$.

2) Identify the attack sub-graph $\mathcal{S}$ with $c$ and line $t$.

3) Launch the physical attack on the switching attack line.

4) Perform local SE inside $\mathcal{S}$ with the slack bus chosen as one arbitrary load bus in $\mathcal{S}$ to obtain $\tilde{\theta}_0^{\mathcal{S}}$.

5) Solve the Step 2 optimization problem to obtain $c^0$.

6) For all load buses $m$ inside $\mathcal{S}$, set $\tilde{\theta}_{0,m} = \tilde{\theta}_{0,m}^{\mathcal{S}} + c^0_m$.

7) For all non-load buses, since the net injections are not changed, the nodal balance equations for each non-load bus $m$ are

$$A_{GN,m} P_G - V_m \sum_{j \in Br_m} V_j \big( G_{mj} \cos\theta_{mj} + B_{mj} \sin\theta_{mj} \big) = 0 \qquad (44)$$
$$A_{GN,m} Q_G - V_m \sum_{j \in Br_m} V_j \big( G_{mj} \sin\theta_{mj} - B_{mj} \cos\theta_{mj} \big) = 0 \qquad (45)$$

where $A_{GN,m}$ represents the $m$-th row of $A_{GN}$, $Q_G$ represents the reactive power generation vector, $G_{mj} + iB_{mj}$ is the $(m, j)$-th entry of the bus admittance matrix, $\theta_{mj} = \theta_m - \theta_j$ is the voltage angle difference between buses $m$ and $j$, and $Br_m$ is the set of branches connecting to bus $m$ for $\tilde{\mathcal{G}}$. These equations can be solved iteratively with the Newton-Raphson method.

8) After updating the cyber states for the non-load buses, use equation (7) to calculate the AC attack for $A_1$.

9) Repeat Steps 4)–7) (without solving the Step 2 optimization) to construct AC attacks with $c$ for $A_2, \ldots, A_T$.

V. Numerical Results

In this section, we test the effect of attacks designed with the two-step attack strategy for a nonlinear system model. The test system is the IEEE 24-bus reliability test system (RTS). We assume: (i) the system is operating under optimal power flow; and (ii) the loads of the system are constant and equal to the historic load data, which is assumed to be known to the attacker. To model realistic power systems, we assume that there are congestions prior to the attack and that the attacker chooses one congested line as the target to maximize power flow. We use MATPOWER to run AC power flow and AC OPF. The optimization problem is solved with CPLEX.

A. Solution for the attack designed with the attack strategy

The solution of the unobservable topology attack determined by the two-step attack strategy is tested in this subsection. In order to understand the worst-case effect of attacks, we assume there is a line congested prior to the physical attack. This is achieved in simulation by reducing the line rating to 95% of the base-case power flow (apparent power) to create congestion. We exhaustively test all 38 lines as targets in the system and let $\zeta$, the weight for the $\ell_1$-norm term in the objective in (35), be 1% of the original power flow on each target line. Fig. 3 illustrates the maximal power flow (PF) and attack size (number of buses in the sub-graph) for load shift bound $\tau = 10\%$, total lines to physically attack $N_t = 1$, and the $\ell_1$-norm constraint $N_1 = 0.06$. The plot in Fig. 3(a) indicates the flow at the end of system event $S_1$ using the attack vector from event $A_1$. In Fig. 3(a), we compare the physical power flow (apparent power, which we denote as AC PF) in each line to the power flow solved in the linear model (which we denote as DC PF). In Fig. 3(b), we plot the number of center buses, i.e., the $\ell_0$-norm of the attack vector, and the total number of buses inside the attack sub-graph for each target line.

From Fig. 3(a) we can observe that the attack vectors determined by the two-stage optimization problem cause overflows in 33 target lines in the linear model, i.e., 86.84% of the attacks are successful. For all such successful attacks, using the attack vector to construct an attack in the nonlinear model, the AC PF in each line in Fig. 3(a) tracks the DC PF solved with the attack strategy. In particular, 2 cases, with target lines 9 and 11, respectively, have no center buses, i.e., for these lines the state-preserving attacks introduced in [?] suffice. In Fig. 3(b), we can observe that 72.73% of the successful attacks can be launched inside a sub-graph with fewer than 16 total buses.
Fig. 3. Summary of all 38 target lines with $\tau = 10\%$ and $N_1 = 0.06$.

Fig. 4. Target line 12 (connecting bus 8 and bus 9) with $\tau = 10\%$: (a) maximum PF; (b) $\ell_1$-norm of the attack vector; (c) $\ell_0$-norm of the attack vector; (d) the switching attack line vs. the conditional $\ell_1$-norm constraint (rad).


In Fig. 4 we illustrate the effect of the $\ell_1$-norm constraint on the maximal power flow (Fig. 4(a)), the $\ell_1$- and $\ell_0$-norms of the attack vector (Figs. 4(b) and 4(c), respectively), and the switching attack line (Fig. 4(d)) for target line 12 solved with the Step 1 optimization. In each sub-figure, we illustrate two solutions: one with $\zeta$ (red) and the other without $\zeta$ (black) in the objective function. From Figs. 4(a)–(c), we can see that for the solutions without the $\ell_1$-norm in the objective (i.e., $\zeta = 0$), as the $\ell_1$-norm constraint is relaxed, the maximal target line power flow as well as the $\ell_1$- and $\ell_0$-norms of the attack vector also increase. In contrast, for the plots with the $\ell_1$-norm in the objective, the $\ell_1$-norm ensures that the vector with the smallest number of center buses is chosen. This in turn implies that when the $\ell_1$-norm in the objective is tight, the resulting power flow may be smaller than that obtained without such a constraint. These differences are illustrated in Figs. 4(a)–(c). In Fig. 4(d), we demonstrate that
the switching attack line chosen by the optimization problem changes from line 2 to line 8 as the $\ell_1$-norm constraint is relaxed. In general, tripping line 8 requires a large load shift and thus is only possible for a larger $\ell_1$-norm constraint, as then the cyber load changes can be distributed over a larger number of load buses in the sub-graph.


B. Consequences of the attack in the nonlinear model

In this subsection, we select a typical case to demonstrate the consequence of the unobservable state-and-topology cyber-physical attack determined by the attack strategy in the nonlinear system model. In this case, the target line is line 12 with $\tau = 10\%$, $N_t = 1$, and $N_1 = 0.06$. Under this condition, the switching attack line is line 2.

For the chosen target line, after launching the physical attack and injecting the initial cyber attack constructed with $c^{0}$ at $A_1$, the active power generation dispatch for the generators at buses 7 and 13 changes from 215.69 MW and 230.96 MW to 200.69 MW and 245.67 MW, respectively (the dispatch of the other generators remains unchanged). In the following events, as the attacker continues to inject the AC attacks constructed with the attack vector $c$ (determined by the Step 1 optimization), the active power generation for these two sets of generators is maintained at these values. Fig. 5 demonstrates the cyber and physical power flow variation during 20 system events. From Fig. 5 we can observe that once the active power generation dispatch changes to the optimal dispatch and remains unchanged in the subsequent system events, the physical overflow in the target line is maintained by injecting the AC attack constructed with attack vector $c$. The heat accumulation may eventually cause this line to overheat and then trip offline, all the while remaining unobservable to the control center.

Fig. 5. Power flow variation on line 12 during 20 system events.

We compare the load shifts caused by the attacks in both the linear and nonlinear system models and find that the load shifts in the nonlinear system model track those in the linear system model for most of the successful attacks. The only two exceptions are for lines 13 (i.e., 20% load shift on a bus) and 23 (i.e., 15% load shift on a bus).

For the successful attacks with other target lines, we observe similar attack consequences in the nonlinear model.


VI. Concluding Remarks

In this paper, we have introduced a class of unobservable topology attacks in which both topology data and states for a sub-graph of the network are changed by an attacker. We have proposed a two-step attack strategy to maximize the power flow on a target line subject to constraints on limited size of the attack sub-graph and limited load shifts. We have shown that attacks designed with the proposed two-step attack strategy can cause physical line overloads in the IEEE 24-bus RTS even when the attack is subject to bounds on changes in load, for both linear and nonlinear models. The proportion of successful attacks in the nonlinear system model is 86.84%, which shows the vulnerability of the system to such attacks.

A potential countermeasure is to use historical data to forecast and predict the expected generation dispatch. The cyber load patterns created by the attack will in general be different from the normal load shift patterns that lead to the same dispatch plan. Thus, such forecasting can lead to detection of anomalies in both loads and dispatch.

An important extension to study is to understand the impact of attacks when the attacker has access to topology and generation data only for a sub-network. While our attack model restricts data changes to a sub-graph, it still requires the attacker to have knowledge of the complete system topology and generation data. Yet another avenue is to study worst-case attacks that trip multiple switching attack lines and maximize power flow on multiple target lines.
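The forecasting countermeasure sketched in the concluding remarks, as an added example that is not the paper's code: the expected dispatch is forecast from the closest historical load pattern, and a snapshot is flagged when its reported loads do not match the patterns that historically produced the observed dispatch. The history, bus labels and the 5 MW dispatch tolerance are constructed assumptions; the dispatch values reuse the paper's line-12 numbers.

```python
"""Dispatch-consistency check: flag reported loads whose pattern does not match
history for the dispatch they produce (added example, not from the paper)."""
import math

TAU = 0.10             # per-bus load-shift bound from the paper (tau = 10%)
DISPATCH_TOL_MW = 5.0  # hypothetical tolerance for calling two dispatch plans "the same"

# Constructed history: per-bus loads (MW, hypothetical bus labels) paired with the
# dispatch (MW) of the generators at bus 7 and bus 13. The dispatch values reuse the
# paper's pre-attack numbers for the base pattern and its post-attack numbers for a
# second, genuinely different historical load pattern.
HISTORY = [
    ({"b3": 180.0, "b8": 171.0, "b9": 175.0, "b10": 195.0}, (215.69, 230.96)),
    ({"b3": 182.0, "b8": 169.0, "b9": 177.0, "b10": 193.0}, (215.69, 230.96)),
    ({"b3": 150.0, "b8": 140.0, "b9": 205.0, "b10": 226.0}, (200.69, 245.67)),
    ({"b3": 152.0, "b8": 143.0, "b9": 203.0, "b10": 223.0}, (200.69, 245.67)),
]

def load_distance(load, ref):
    """Euclidean distance (MW) between two per-bus load vectors."""
    return math.sqrt(sum((load[b] - ref[b]) ** 2 for b in ref))

def max_relative_shift(load, ref):
    """Largest per-bus relative deviation |load - ref| / ref."""
    return max(abs(load[b] - ref[b]) / ref[b] for b in ref)

def same_plan(d1, d2, tol=DISPATCH_TOL_MW):
    """True when every generator differs by at most `tol` MW."""
    return max(abs(a - b) for a, b in zip(d1, d2)) <= tol

def expected_dispatch(load, history=HISTORY):
    """Forecast the dispatch as that of the closest historical load pattern."""
    return min(history, key=lambda rec: load_distance(load, rec[0]))[1]

def check_snapshot(load, dispatch, history=HISTORY, tau=TAU):
    """Return anomaly tags for one (reported load, observed dispatch) snapshot."""
    flags = []
    # 1) loads resemble a known pattern, but the dispatch is not the one it usually yields
    if not same_plan(expected_dispatch(load, history), dispatch):
        flags.append("dispatch_mismatch")
    # 2) the dispatch is a known plan, but no historical load pattern for that plan
    #    lies within the load-shift bound of what was reported
    refs = [ref for ref, d in history if same_plan(d, dispatch)]
    if refs and min(max_relative_shift(load, r) for r in refs) > tau:
        flags.append("load_pattern_mismatch")
    return flags
```

For a constructed attack-like snapshot, every bus within 10% of the base pattern but the dispatch equal to the post-attack plan, `check_snapshot` returns both tags; a snapshot whose loads genuinely resemble the second historical pattern returns none.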